package com.yxm.springbootsecurity.xss.servlet;

import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang.StringUtils;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

/**
 * @author CAESAR
 * @Classname XssHttpServletRequestWrapper
 * @Description 重写getparamater参数   对参数进行处理
 * @Date 2019-09-20 20:43
 */
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {

   private HttpServletRequest request;
    /**
     * Constructs a request object wrapping the given request.
     *
     * @param request The request to wrap
     * @throws IllegalArgumentException if the request is null
     */
    public XssHttpServletRequestWrapper(HttpServletRequest request) {
        super(request);
        this.request = request;
    }

    /**
     * 对有特殊字符的参数进行转义
     * @param name
     * @return
     */
    @Override
    public String getParameter(String name) {
        String value = super.getParameter(name);
        if (StringUtils.isNotEmpty(value)) {
            value = StringEscapeUtils.escapeHtml(value);
        }
        return value;
    }
}
